Eye on Certification: Security

Information security is one of the fastest-growing and the most popular areas for IT certification. Given the importance of information security in today’s increasingly global marketplace, it’s not surprising that demand is high for highly trained security professionals. Whether you care what’s the latest “hot cert,” if you want to compete with passive and active job seekers or simply plump up your skill set, you might want to consider adding one of the following certifications to your cache of marketable skills.Security Certs(ISC) ² (ISC) ², which declared 2005 to be the “Year of the Information Security Professional,” offers the Systems Security Certified Practitioner (SSCP) and the Certified Information Systems Security Professional (CISSP) certifications, the latter being more advanced. The SSCP is designed for candidates who are aiming for or have reached positions such as senior network security engineer, senior security systems analyst, senior security administrator, etc. The seven SSCP domains are access control, administration, audit and monitoring, cryptography, data communications, malicious code and malware, and risk, response and recovery. The CISSP is aimed at information security professionals at the mid- and senior-manager level who are working toward becoming chief information security officer, chief security officer or senior security engineer. The certification covers access control systems; application security; business continuity and disaster recovery planning (DRP); cryptography; information security and risk management; legal, regulations, compliance and investigations; operations security; physical (environmental) security; security architecture and design; security management practices; and telecommunications and network security. Both SSCPs and CISSPs will have access to (ISC)² services and programs, which include peer networking, events, forums, job postings and ongoing education opportunities. For more information, see www.isc2.org.SANS GIAC The Global Information Assurance Certification (GIAC) organization’s set of credentials regarding security is multilevel but not hierarchical — the programs are stand-alone and should not necessarily be taken in any particular order. Recently, GIAC certifications required completion of a written practical assignment that demonstrated candidates’ ability to apply their knowledge, although the SANS Institute decided to drop this in favor of more performance-driven testing methods that will be implemented in the future. Participants also must pass one or more technical exams for each credential. GIAC has three certification categories: audit, management and security administration. The first of these encompasses the GIAC Security Audit Essentials (GSAE), GIAC Certified ISO-17799 Specialist (G7799) and GIAC Systems and Network Auditor (GSNA) credentials. The management-class certifications are GIAC Information Security Specialist (GISP), GIAC Security Leadership Certification (GSLC) and GIAC Certified Security Consultant (GCSC). Security administration, the most extensive of the three groupings, has credentials at several skill levels and includes foundational, operating system-specific (Windows, UNIX) and solution-specific (firewalls, intrusion prevention) offerings. For more information, see www.giac.org.ISACA The Information Systems Audit and Control Association (ISACA) has a pair of vendor-neutral credentials: the Certified Information Systems Auditor (CISA) and the Certified Information Security Manager (CISM). Of the two, the latter is more focused on IT security specifically, but the CISA has some security components. To attain the CISM, candidates must pass the Certified Information Security Manager (CISM) exam, agree to follow ISACA’s code of professional ethics and validate that they have a minimum of five years’ on-the-job experience in information security with a minimum of three years of information security management work experience in at least three of the job practice-analysis areas covered in the exam. (Certain work experience substitutions are available.) Those subjects are information security management, information security program management, information security governance, risk management and response management. The CISA program covers IS audit, control and security. ISACA includes IT security professionals as part of its target audience for this certification. The CISA exam has seven content areas, three of which deal with security: protection of information assets (the largest portion of the exam), disaster recovery and business continuity and business process evaluation and risk management. For more information, see www.isaca.org.CompTIA Security+ assesses the knowledge of IT professionals with two years of on-the-job networking experience with emphasis on security. The certification exam covers communication security, infrastructure security, cryptography, access control, authentication, external attack, and operational and organizational security. CompTIA considers Security+ to be one of its top three offerings, along with A+ and Network+. Security+, which is offered at colleges, universities and commercial training centers around the world, also counts as an elective or prerequisite to several advanced security certifications. For more information, see www.comptia.org.Check Point Software provider Check Point offers a range of security and security management certifications that deal with both general skills and knowledge, as well as the company’s specific solutions. Check Point’s core certifications include Check Point Certified Security Principles Associate (CCSPA), Check Point Certified Security Administrator NGX (CCSA NGX), Check Point Certified Security Expert NGX (CCSE NGX) and Accelerated CCSE NGX. Advanced specializations include Check Point Certified Security Expert Plus NGX (CCSE Plus NGX) and Check Point Certified Managed Security Expert NGX (CCMSE NGX). For more information, see www.checkpoint.com.Cisco Cisco Systems offers security credentials at the specialist, professional and expert levels of its program. In the Cisco qualified specialist category, there are a few certifications for specific areas of security, including the Cisco Firewall Specialist, which focuses on securing network access using Cisco IOS Software and Cisco PIX Firewall Technologies, and the Cisco IPS Specialist, for the operation and inspection of Cisco IOS Software and intrusion-prevention systems (IPS) technologies. The Cisco Certified Security Professional (CCSP) is an intermediate-level certification that tests IT professionals’ ability to secure and manage network infrastructures. The program, which has five exams, addresses issues such as virtual private networks, intrusion protection and integrated network security solutions. At the elite CCIE level, the security credential requires successful completion of a written test (which covers security protocols, operating systems, application protocols, general networking, security technologies and Cisco security applications) and a hands-on lab exam (an eight-hour trial that involves building a series of secure networks armed with PIX and IOS firewalls, as well as an intrusion detection system). For more information, see www.cisco.com.Microsoft Security specializations are included in both the Windows 2000 and Windows Server 2003 versions of the Microsoft Certified Systems Engineer (MCSE) certification program. Windows 2000 MCSE: Security candidates must pass